ACT CORRECTIVE SERVICES QUALITY ASSURANCE FRAMEWORK

ACTCS QUALITY ASSURANCE FRAMEWORK UNCONTROLLED IF PRINTED

Review Date: 22 JANUARY 2022 1

ACT CORRECTIVE SERVICES QUALITY ASSURANCE FRAMEWORK

JUSTICE AND COMMUNITY SAFETY DIRECTORATE

14 JANUARY 2020



DOCUMENT INFORMATION

Approval

Date approved/effective: 22 January 2020

Approved by: Jon Peach, Commissioner, ACT Corrective Services

Signature:

Review date: Two years from date of effect, following a significant change or there is a change in security risk

Details

Document Properties Approval Details

Framework Name: ACTCS Quality Assurance Framework

Framework Number:

Framework Type:

Custodian: ACT Corrective Services

Framework Advisor:

Responsible Branch: Commissioner, ACTCS

Stakeholders:

Document/Legislation References:

Amendment history

Version Issue Date Amendment Details Author

0.1 23/05/2019 Initial draft C Cuttance

0.2 14/10/2019 Second draft S Aziz

1.0 22/01/2020 First Version S Aziz



CONTENTS

DOCUMENT INFORMATION ........................................................................ 2

DEFINITION OF TERMS ............................................................................... 4

1. PURPOSE .......................................................................................... 4

2. SCOPE .............................................................................................. 4

3. ACTCS QA FRAMEWORK ..................................................................... 5

4. ACTCS QA FRAMEWORK CONTEXT ....................................................... 7

5. ROLES AND RESPONSIBILITIES ............................................................. 8

6. ACTCS QUALITY ASSURANCE UNIT ....................................................... 9

6.4 QUALITY ASSURANCE ANNUAL AUDIT SCHEDULE ............................. 10

6.5 REPORTING .................................................................................. 11

6.6 AUTHORITY .................................................................................. 11

7. REVIEW .......................................................................................... 11

8. ENQUIRES ....................................................................................... 11



DEFINITION OF TERMS

Term Definition

Assurance An objective examination of evidence for the purpose of providing an independent assessment of governance, risk management and control processes for ACTCS.

Audit

An independent and objective assurance activity designed to add value and improve ACTCS’s operations. It helps ACTCS accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes.

Compliance Adherence to policies, plans, procedures, legislation, regulations, contracts or other requirements.

Control

Any action taken by ACTCS management, the Executive Governance Committee and other parties to manage risk and increase the likelihood that established objectives and goals will be achieved. ACTCS management plans, organizes and directs the performance of sufficient actions to provide reasonable assurance that objectives and goals will be achieved.

Control Objectives

Provides a specific target against which to evaluate the effectiveness of controls i.e. what ACTCS is trying to achieve with the implementation of the control, for e.g. An ACTCS Policy/procedure is implemented to ensure compliance with legislation, the Control Objective is the compliance with legislation.

Quality Assurance An activity focused on providing confidence that quality requirements will be fulfilled.

1. PURPOSE The Australian Capital Territory Corrective Services (ACTCS) is committed to achieving the highest standards in meeting its strategic objectives, legislative, regulatory and policy requirements through continuous improvement. This ACTCS Quality Assurance Framework is designed to assist the agency and its staff in achieving the highest standards in meeting these objectives.

2. SCOPE This framework applies to all ACTCS Operational and Corporate areas.



3. ACTCS QA FRAMEWORK The ACTCS’s vision is to be recognized as a leader in the provision of effective Corrective Services which positively change lives, reduce re-offending and prevent future victims. The ACTCS Quality Assurance Framework will assist ACTCS in achieving this vision by assisting the agency in embedding efficient and effective processes, evidence based decision making and a continuous improvement approach. The ACTCS Quality Assurance Framework seeks to ensure:

• ACTCS meets its legislative, regulatory and policy requirements. • ACTCS achieves its strategic objectives. • The decision-making processes are informed and justified. • A culture of Continuous Improvement is embedded within the ACTCS. • ACTCS risks are appropriately identified and managed. • ACTCS employee actions are in compliance with policies, standards, procedures, and

applicable legislation and regulations. The ACTCS Quality Assurance Framework is set out in Diagram 1 below:

ACTCS Quality Assurance Framework

Diagram 1: ACTCS Quality Assurance Framework

THE ACTCS QUALITY ASSURANCE FRAMEWORK HAS THREE COMPONENTS:

1. Planning - The ACTCS planning, implementation and controlling processes assists ACTCS meet it’s legislative, regulatory, policy and strategic objectives. Some of the ACTCS Planning

2. Review

"How We Are Doing"1. Performance against ACTCS Plans2. KPI's3. Audit

3. Risk Management

"What We Do"1. ACT Government Priorities2. JACS Priorities3. JACS Budget4. ACTCS Strategic Plan5. ACTCS Operational Plan

1. Planning



elements are the ACT Government Priorities, JACS Priorities, JACS Budget, ACTCS Strategic Plan and ACTCS Operational Plan. This component sets the focus for “What We Do”.

2. Review – This is the analysis and evaluation of how well ACTCS has performed against its plans and objectives. Some of the review elements are; performance against ACTCS Plans, Key Performance Indicators (KPIs), staff surveys, benchmarking and audit. This element sets the focus for “How We Are Doing”

3. Risk Management – The ACTCS Risk Management process assists the agency in meeting its objectives and improving the organisation’s effectiveness by identifying and analysing risks, implementing controls and monitoring the residual risks. ACTCS Risk management is an ongoing process and is continually evolving.

The ACTCS Quality Assurance Framework has embedded the Plan, Implement, Monitor/Review, and Improve (PIMI) model as shown below.

Diagram 2: ACTCS Plan, Implement, Monitor/Review and Improve (PIMI) Model As detailed by the ACTCS QA Framework and the embedded PIMI model, the ACTCS is committed to continuous improvement. After the ACTCS defines its key regulatory and strategic requirements, its

•MONITOR & REVIEW•Study the results of the

implementation stage.•Gather feedback.•Compare results to see if the

plans’s objectives and requirements have been met.

•IMPROVE•Assess results from the

monitor/review stage•Determine changes needed in

order to ensure plan’s objectives can be met.

•Adjust processes accordingly.

•IMPLEMENT•Implement the plans.•Execute the processes.•Assign roles and responsibilities.•Coordinate and document

activities.•Monitor and record progress

against plans.•Collect Data.

•PLAN•ACTCS Establishes and Defines:•The legislative, regulatory and

policy requirements.•The Strategic objectives to be

achieved.•The processes necessary to deliver

the results.•The expected output.•Clear management direction.•Responsibilities for the objectives.•How the plans will be

communicated effectively.Plan Implement

Monitor & ReviewImprove



strategic and operational plans are created. In implementing these plans, risks are assessed, managed and required governance and control mechanisms are implemented to ensure that the objectives are achieved.

The ACTCS plans are monitored and the results are compared against the plan’s objectives and requirements. If results are not meeting the requirements of the plans than processes are adjusted. The ACTCS QA Framework is a continual improvement process that assists the ACTCS in meeting its objectives.

4. ACTCS QA FRAMEWORK CONTEXT The ACTCS is part of the Justice and Community Safety Directorate (JACS) and operates in an environment of statutory, regulatory, and policy obligations, that govern the operations, business and management components of delivering and administering custodial and community corrective services in the Australian Capital Territory (ACT).

To better understand this context, Diagram 3: ACTCS Three Lines of Defence (TLD) model has been created. The model illustrates the ACTCS Context for the management and coordination of risks, controls and governance processes to assist ACTCS in meeting its legislative, regulatory, policy and strategic objectives.

Diagram 3: ACTCS Three Lines of Defence

1st Line of Defence

ACTCS Operational Management

• Custodial Operations

• Community Corrections

• Corporate Services

Responsible for planning, implementing and monitoring operational plans and effectively managing risks.

3rd Line of Defence

Directorate Internal Audit

• JACS Internal Audit

Responsible for independent assurance on governance, risk management and internal control processes.

2nd Line of Defence

ACTCS Risk & Compliance Functions

• ACTCS QA Unit

Responsible for providing assurance that ACTCS objectives and requirements are being met and an effective risk management process is in place.

JACS Strategic Management Committee

JACS Audit, Performance & Improvement Committee

ACTCS Executive Governance Committee (EGC)

Acco

unta

bilit

y an

d R

espo

nsib

ility

Inte

rnal

Ove

rsig

ht External

Oversight

ACT

Audi

t Offi

ce, A

CT

Om

buds

man

ACT

HR

C, A

CT

Insp

ecto

r of C

orre

ctiv

e Se

rvic

es



The ACTCS QA Framework operates within the first and second lines of the model.

The first line includes ACTCS business units that deliver custodial, community corrective services and ACTCS corporate services. The business units in this line create operational plans in line with the ACTCS Strategic Plan. The business units then implement and monitor these operational plans and also ensure that risks are managed in achieving these objectives.

The second line consists of the ACTCS Quality Assurance Unit and this team provides ACTCS management assurance that ACTCS objectives and requirements are being met and an effective risk management process is in place.

These two lines both report to the ACTCS Executive Governance Committee (EGC). The ACTCS EGC is the peak ACTCS oversight committee that establishes the ACTCS’s Strategic Direction, and oversees ACTCS’s operational performance. As noted above, The ACTCS QA Framework works within these two lines to ensure continuous improvement in achieving ACTCS’s objectives.

The third line of defence is the JACS Internal Audit Function which evaluates the ACTCS governance, risk management and internal control processes and provides independent assurance to the JACS Audit, Performance & Improvement Committee (APIC). The APIC is a subcommittee of the JACS Strategic Management Committee (SMC). The JACS SMC provides oversight for the directorate and assists JACS in achieving its objectives by managing JACS’s priorities and risks.

As ACTCS is part of the ACT Government, other organisations such as the ACT Audit Office, ACT Ombudsman and the ACT Human Rights Commission provide external oversight that the ACTCS is meeting its legislative, regulatory and policy objectives.

5. ROLES AND RESPONSIBILITIES

Role Responsibilities

Executive Director, ACTCS

Determines the purpose and strategic direction of the ACTCS Quality Assurance Schedule, including matters that may affect the ACTCS Quality Assurance Unit’s ability to achieve the intended results.

Executive Governance Committee, ACTCS

Determines the purpose and strategic direction of the ACTCS Quality Assurance Schedule, including matters that may affect the ACTCS Quality Assurance Unit’s ability to achieve the intended results.



6. ACTCS QUALITY ASSURANCE UNIT

6.1 ROLE OF THE ACTCS QUALITY ASSURANCE UNIT The ACTCS Quality Assurance Unit provides an independent and objective assurance service to add value and improve ACTCS’s operations. It assists ACTCS to accomplish its objectives by bringing a systematic, disciplined approach to evaluating and improving the effectiveness of risk management, control and governance processes across ACTCS activities. The quality assurance work focuses on providing assurance about the standard of controls within ACTCS. Control objectives will consider:

• Compliance with legislation, regulations and policies

Assess compliance with legislation, regulations and policies across the ACTCS, relating to operational risks.

• Achievement of ACTCS objectives Assess whether ACTCS objectives are being achieved – this will include review of operational plans to assess whether objectives are being achieved.

• Decisions are properly authorised Assess whether decisions are properly authorised – this will include review of delegations and their application to the authorisation process.

• Reliability and integrity of information Review the reliability and integrity of operational information – the focus will include tests of the accuracy, reliability, completeness, timeliness and usefulness of information.

• Efficiency, effectiveness and economy Assess efficiency and effectiveness of operations to ascertain whether these attributes are being considered in design and implementation of policy, procedures, business operations and systems.

• Safeguard assets Review whether assets are safeguarded by focusing on physical security and testing for risks such as fire, theft and illegal activities.

6.2 TYPES OF ASSURANCE SERVICES The assurance services provided by the ACTCS Quality Assurance Unit may include:

• Compliance Audits Review of operating controls to see whether they conform to established legislation, standards, regulations and procedures.



• Spot Checks

These are reviews of operational controls but are not as in-depth as audits and are to provide assurance quickly to management.

• Operational Audits Examine the use of resources to evaluate whether those resources are being used in the most efficient, effective and economical way to fulfil organisation objectives.

• Follow–Up Reviews These are conducted to determine whether recommendations from previous internal audits and external audits have been implemented in a timely manner and are achieving the intended results.

6.3 QUALITY ASSURANCE AUDIT PROCEDURES The ACTCS Quality Assurance (QA) team uses a systematic approach to undertake its audit and assurance activities. The QA team’s activities will be guided by ACTCS Audit Standards and the ACTCS QA Manual.

6.3.1 ACTCS AUDIT STANDARDS The ACTCS QA team will create Audit Standards for all high risk ACTCS Policies and Procedures. All QA Audits will be undertaken against the Audit Standards. The methodology for using ACTCS Audit Standards in QA audits will be part of the ACTCS QA Manual.

6.3.2 ACTCS QUALITY ASSURANCE MANUAL An ACTCS QA Manual will be developed which will outline the quality assurance methodology and provide QA staff with guidance on the conduct of audit and assurance activities. The QA Manual will provide guidance for the:

• Development of the Annual Audit Schedule.

• Methodology in using ACTCS Audit Standards in Audit Work.

• Planning, fieldwork and reporting of individual audits.

• The follow up of recommendations from the audits.

6.4 QUALITY ASSURANCE ANNUAL AUDIT SCHEDULE

ACTCS will use a risk based approach to establish its Annual Audit Schedule. This approach will be flexible, dynamic and timely in order to meet the changing needs and priorities of the ACTCS. The schedule will have sufficient capacity to include additional audits and spot checks as requested by the Executive Director ACTCS or the Executive Governance Committee.

The QA Annual Audit Schedule will be developed by the ACTCS QA Unit in consultation with ACTCS Management and will be approved by the Executive Director, ACTCS and the Executive Governance Committee.



6.5 REPORTING The activities of the ACTCS Quality Assurance Unit and the results of review projects will be reported to the Executive Director, ACTCS and to the ACTCS Executive Governance Committee. The ACTCS Quality Assurance Unit may also provide reports to the JACS Audit, Performance and Improvement (APIC) Committee, as requested.

6.6 AUTHORITY

The ACTCS Quality Assurance Unit is authorised to:

• Have unrestricted access to all functions, records, property and personnel as required by the Executive Director, ACTCS and the ACTCS Executive Governance Committee.

• Have full and free access to the ACTCS Executive Governance Committee.

• Allocate resources, set frequencies, select subjects, determine scope of work, and apply the techniques required to accomplish review objectives.

• Obtain the necessary assistance of personnel in ACTCS where reviews are performed, as well as other specialised services from within JACS.

The ACTCS Quality Assurance Unit is not authorised to:

• Perform any operational duties for ACTCS.

• Initiate, authorise, record, process or report accounting transactions external to the ACTCS Quality Assurance Unit.

• Direct the activities of any ACTCS employee not employed by the ACTCS Quality Assurance Unit, except to the extent such employees have been appropriately assigned to review teams or to otherwise assist the ACTCS Quality Assurance function.

7. REVIEW This framework will be reviewed on an ongoing basis, with a formal review to occur at a minimum every two years.

8. ENQUIRES For additional information on this Framework, please direct your enquiries to the ACTCS Senior Manager, Executive Support and Governance:

Email: [email protected]

Phone: (02) 6207 3979



JUSTICE AND COMMUNITY SAFETY DIRECTORATE 22 January 2020

ACT CORRECTIVE SERVICES QUALITY ASSURANCE FRAMEWORK

Documents

Transcript of ACT CORRECTIVE SERVICES QUALITY ASSURANCE FRAMEWORK